Gonçalo Ribeiro

@goncalor@infosec.exchange
342 Followers
446 Following
3.4K Posts
Defend. Pwn. Infosec. Free software. Vim nerd. #rustlang #electronics
websitehttps://goncalor.com
GitHubhttps://github.com/goncalor
Gonçalo Ribeiro50m ago
fairydoctor1d ago

I NEED AT LEAST $1440 BY JULY 13th TO PAY FIRST/LAST ON MY APARTMENT

277/1440

https://spicycrust.pizza/@fairydoctor/114762111388541651

#mutualaid #MutualAidRequest #transcrowdfund

please boost and/or donate, THANK YOU!

fairydoctor (@fairydoctor@spicycrust.pizza)

# RAISING MOVING FUNDS 🚨 *read more details about my current situation:* https://gofund.me/8b654b04 https://ko-fi.com/i/IC0C71FQWNN *other donation links:* **cashapp:** $fairydoctor **kofi:** https://ko-fi.com/fairydoctor **venmo:** @ lughhudson **paypal:** https://www.paypal.com/donate?campaign_id=FL985KHMF7G9Y *im offering SCP Articles and Tales commissions to raise funds:* https://ko-fi.com/c/6ad2f16697 *my prior work:* http://redacted.website ## 277/3610 #mutualaid #transcrowdfund #MutualAidRequest

Spicy Crust Pizza
Gonçalo Ribeiro8h ago
blinryJun 15

Whoa: Weston, the reference compositor for #Wayland, supports multiple physical independent mice at the same time! 😀

"New mouse, who dis?"

(See toot later in the thread for how to set this up!)

Gonçalo Ribeiro9h ago
Asahi Lina (朝日リナ) // nullptr::live1d ago

Yes, a file full of zero bits transfers faster over USB2.0 than a file full of one bits.

I've known this forever but it still feels ridiculous when you actually test it and it's true!

USB truly is cursed.

Gonçalo Ribeiro1d ago

My take: clothes are to be used until they rip apart.

#fashion #sustainableFashion

Gonçalo Ribeiro1d ago
Natasha Jay3d ago

Respect people who wear glasses.

They paid money to see you.

Gonçalo Ribeiro1d ago
Show threadNetBlocks1d ago
ℹ️ Update: Internet connectivity in #Egypt remains diminished following a fire at the Ramses Central Exchange; network data show national connectivity at 44% of ordinary levels with services including banking, mobile payments and online trade affected 🏧
Gonçalo Ribeiro1d ago
simabossneko1d ago
おはよう✨
Good morning❣️
Gonçalo Ribeiro1d ago
stux⚡1d ago

This is still one of the best #Mastodon themes out there  😆

Edit: it's a default Mastodon flavour in the Glitch-soc fork:
https://github.com/glitch-soc/mastodon/blob/main/app/javascript/styles/win95.scss

Gonçalo Ribeiro1d ago
Show threadKevin Beaumont1d ago

Exploitation IOCs for CVE-2025-5777 aka CitrixBleed 2, these are actively stealing sessions to bypass MFA for almost a month. Some are also doing Netscaler fingerprint scanning first.

64.176.50.109
139.162.47.194
38.154.237.100
38.180.148.215
102.129.235.108
121.237.80.241
45.135.232.2

HT @ntkramer and the folks at @greynoise

Look for lots of connections to your Netscaler devices over past 30 days. More IPs coming as also under mass exploitation. More IPs: https://viz.greynoise.io/tags/citrixbleed-2-cve-2025-5777-attempt?days=30

GreyNoise Visualizer | GreyNoise Visualizer

Gonçalo Ribeiro1d ago
Show threadKevin Beaumont1d ago

Just to be super clear, although Citrix claim that CitrixBleed 2 is in no way related to CitrixBleed, it allows direct session token theft - Citrix are wrong. Horizon3 have the POC and it's already being exploited - Citrix were also wrong.

"Not the most novel thing in the world… but this is much much worse than it initially appears. Take a look at the following video where you’ll see that it’s possible to receive legitimate user session tokens via this vector. "

×
Show threadNetBlocks1d ago
ℹ️ Update: Internet connectivity in #Egypt remains diminished following a fire at the Ramses Central Exchange; network data show national connectivity at 44% of ordinary levels with services including banking, mobile payments and online trade affected 🏧
Show threadNetBlocks22h ago
ℹ️ Update: Internet and telecoms have been disrupted in #Egypt for over 24 hours after a deadly fire broke out at Ramses Central; authorities suspended trading on the Exchange amid efforts to restore connectivity 💱